aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorJeremy Benoist <jeremy.benoist@gmail.com>2019-01-09 23:29:30 +0100
committerJeremy Benoist <jeremy.benoist@gmail.com>2019-01-09 23:31:14 +0100
commit3a2d4cf9fda87760c86320a7f8a5041d1d4256c6 (patch)
treee21e28b440f9318cd3fbb91043e40e0d725bbc5c
parent4d0c632c70ea50d459c3c55ddda2e0f394dd51cb (diff)
downloadwallabag-3a2d4cf9fda87760c86320a7f8a5041d1d4256c6.tar.gz
wallabag-3a2d4cf9fda87760c86320a7f8a5041d1d4256c6.tar.zst
wallabag-3a2d4cf9fda87760c86320a7f8a5041d1d4256c6.zip
Cast client id to avoid PG error
If someone send a malformated client_id when trying to authenticate using the API we got a 500 if wallabag use postgres because the request send a string instead of an integer.
-rw-r--r--src/Wallabag/ApiBundle/Entity/Client.php2
-rw-r--r--src/Wallabag/ApiBundle/Repository/ClientRepository.php19
-rw-r--r--tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php14
3 files changed, 34 insertions, 1 deletions
diff --git a/src/Wallabag/ApiBundle/Entity/Client.php b/src/Wallabag/ApiBundle/Entity/Client.php
index e6f98f98..78349820 100644
--- a/src/Wallabag/ApiBundle/Entity/Client.php
+++ b/src/Wallabag/ApiBundle/Entity/Client.php
@@ -11,7 +11,7 @@ use Wallabag\UserBundle\Entity\User;
11 11
12/** 12/**
13 * @ORM\Table("oauth2_clients") 13 * @ORM\Table("oauth2_clients")
14 * @ORM\Entity 14 * @ORM\Entity(repositoryClass="Wallabag\ApiBundle\Repository\ClientRepository")
15 */ 15 */
16class Client extends BaseClient 16class Client extends BaseClient
17{ 17{
diff --git a/src/Wallabag/ApiBundle/Repository/ClientRepository.php b/src/Wallabag/ApiBundle/Repository/ClientRepository.php
new file mode 100644
index 00000000..fc14262e
--- /dev/null
+++ b/src/Wallabag/ApiBundle/Repository/ClientRepository.php
@@ -0,0 +1,19 @@
1<?php
2
3namespace Wallabag\ApiBundle\Repository;
4
5use Doctrine\ORM\EntityRepository;
6
7class ClientRepository extends EntityRepository
8{
9 public function findOneBy(array $criteria, array $orderBy = null)
10 {
11 if (!empty($criteria['id'])) {
12 // cast client id to be an integer to avoid postgres error:
13 // "invalid input syntax for integer"
14 $criteria['id'] = (int) $criteria['id'];
15 }
16
17 return parent::findOneBy($criteria, $orderBy);
18 }
19}
diff --git a/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php b/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php
index f58d1c12..e1a0ac7e 100644
--- a/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php
+++ b/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php
@@ -56,6 +56,20 @@ class DeveloperControllerTest extends WallabagCoreTestCase
56 $this->assertArrayHasKey('refresh_token', $data); 56 $this->assertArrayHasKey('refresh_token', $data);
57 } 57 }
58 58
59 public function testCreateTokenWithBadClientId()
60 {
61 $client = $this->getClient();
62 $client->request('POST', '/oauth/v2/token', [
63 'grant_type' => 'password',
64 'client_id' => '$WALLABAG_CLIENT_ID',
65 'client_secret' => 'secret',
66 'username' => 'admin',
67 'password' => 'mypassword',
68 ]);
69
70 $this->assertSame(400, $client->getResponse()->getStatusCode());
71 }
72
59 public function testListingClient() 73 public function testListingClient()
60 { 74 {
61 $this->logInAs('admin'); 75 $this->logInAs('admin');